[SCM] Samba Shared Repository - branch master updated

Michael Adam obnox at samba.org
Thu Jan 14 08:08:54 MST 2010 

The branch, master has been updated
       via  8573471... s3:auth: fix account unlock regression introduced with fix for bug #4347
      from  743adfd... s3 selftest: Enable the WINBIND-STRUCT tests

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8573471154d63644bc581d0b6a80f73927ca3e93
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jan 14 14:24:35 2010 +0100

    s3:auth: fix account unlock regression introduced with fix for bug #4347
    
    By an oversight, the patchset for #4347 made the unlocking of a locked
    account after the lockout duration ineffective.
    Thanks to Björn for finding this!
    
    Michael

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/auth_sam.c |   12 +++++-------
 1 files changed, 5 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 1dd8fc9..01b2517 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -369,7 +369,6 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
 	DATA_BLOB user_sess_key = data_blob_null;
 	DATA_BLOB lm_sess_key = data_blob_null;
 	bool updated_autolock = False, updated_badpw = False;
-	uint32_t acct_ctrl;
 	const char *username;
 	const uint8_t *nt_pw;
 	const uint8_t *lm_pw;
@@ -399,22 +398,21 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
-	acct_ctrl = pdb_get_acct_ctrl(sampass);
 	username = pdb_get_username(sampass);
 	nt_pw = pdb_get_nt_passwd(sampass);
 	lm_pw = pdb_get_lanman_passwd(sampass);
 
 	/* see if autolock flag needs to be updated */
-	if (acct_ctrl & ACB_NORMAL)
+	if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL)
 		pdb_update_autolock_flag(sampass, &updated_autolock);
 	/* Quit if the account was locked out. */
-	if (acct_ctrl & ACB_AUTOLOCK) {
+	if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
 		DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username));
 		return NT_STATUS_ACCOUNT_LOCKED_OUT;
 	}
 
 	nt_status = sam_password_ok(auth_context, mem_ctx,
-				    username, acct_ctrl, lm_pw, nt_pw,
+				    username, pdb_get_acct_ctrl(sampass), lm_pw, nt_pw,
 				    user_info, &user_sess_key, &lm_sess_key);
 
 	/* Notify passdb backend of login success/failure. If not 
@@ -426,7 +424,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
 		bool increment_bad_pw_count = false;
 
 		if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && 
-		    acct_ctrl & ACB_NORMAL &&
+		    pdb_get_acct_ctrl(sampass) & ACB_NORMAL &&
 		    NT_STATUS_IS_OK(update_login_attempts_status)) 
 		{
 			increment_bad_pw_count =
@@ -457,7 +455,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
 		goto done;
 	}
 
-	if ((acct_ctrl & ACB_NORMAL) &&
+	if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) &&
 	    (pdb_get_bad_password_count(sampass) > 0)){
 		pdb_set_bad_password_count(sampass, 0, PDB_CHANGED);
 		pdb_set_bad_password_time(sampass, 0, PDB_CHANGED);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list